Keeping track of your access and error logs is a critical component of any serious security strategy. Many times, you will see a recorded entry that looks legitimate, such that it may easily be dismissed as genuine Google fare, only to discover upon closer investigation a fraudulent agent. There are many such cloaked or disguised agents crawling around these days, mimicking various search engines to hide beneath the radar. So it’s always a good idea to implement a procedure for […] Continue reading »
In the hellish battle against spam, many WordPress users have adopted a highly effective trinity of anti-spam plugins: Akismet Bad Behavior Spam Karma This effective triage of free WordPress plugins has served many a WP-blogger well, eliminating virtually 99% of all automated comment-related spam. When spam first became a problem for me, I installed this triple-threat arsenal of anti-spam plugins and immediately enjoyed the results. Although Spam Karma seemed a little invasive and resource-intensive, too much protection seemed far better […] Continue reading »
WordPress users employing permalinks via htaccess to optimize their dynamic URLs transform complicated-looking links such as: http://example.com/blog/index.php?page=33 ..into search-engine friendly links such as: http://example.com/blog/post-title/ Every rewritten URL relies on a common set of htaccess rules to transform the links. The htaccess rules for all WordPress permalinks look like this for root WP installations: Continue reading »
![[ Image: Death-metal rocker drunk with power ]](https://perishablepress.com/wp/wp-content/images/2007/misc-chunks/ultimate-nofollow-blacklist.jpg "Behold the power of ultimate blacklist!")
Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should […] Continue reading »
![[ Image: Inverted Eye Detail ]](https://perishablepress.com/wp/wp-content/images/2007/misc-chunks/dofollow-whitelist.jpg)
Before repenting of my filthy “nofollow” addiction, I experimented briefly with a “dofollow whitelist” for commentator URL links. The idea behind the whitelist is to reward frequent commentators, feed subscribers, site patrons, and other guests by selectively removing the automatically generated nofollow attributes from their associated comment-author links. For nofollow enthusiasts, a dofollow whitelist is a great way to show appreciation for people who support your blogging efforts. Now, before we go hacking away at WordPress, keep in mind that […] Continue reading »
![[ Image: Extreme close-up of an eye (send email to purchase a full-size version) ]](https://perishablepress.com/wp/wp-content/images/2007/misc-chunks/nofollow-blacklist.jpg)
Previously, in our unofficial “WordPress dofollow upgrade” series, we dished several techniques for removing the antisocial nofollow attributes from default installations of WordPress. After an exhaustive review of available dofollow plugins, we explained how drop-dead easy it is to transform any WordPress blog into a well-standing member of the dofollow community without relying on a plugin to do the job. Our next article detailed a nofollow removal hack that selectively targets pingbacks, trackbacks, and commentator links. Then, we went off […] Continue reading »
Recently, I discussed the suspicious behavior recently observed by the Yahoo! Slurp crawler. As revealed by the site’s closely watched 404-error logs, Yahoo! had been requesting a series of nonexistent resources. Although a majority of the 404 errors were exclusive to the Slurp crawler, there were several instances of requests that were also coming from Google, Live, and even Ask. Initially, these distinct errors were misdiagnosed as existing URLs appended with various JavaScript functions. Here are a few typical examples […] Continue reading »
![[ Image: Abstract Mathematical Diagram ]](https://perishablepress.com/wp/wp-content/images/2009/misc-chunks/temp-redirect.jpg)
In our article Stupid htaccess Tricks, we present the htaccess code required for redirecting visitors temporarily during periods of site maintenance. Although the article provides everything needed to implement the temporary redirect, I think readers would benefit from a more thorough examination of the process — nothing too serious, just enough to get it right. After discussing temporary redirects via htaccess, I’ll also explain how to accomplish the same thing using only a small slice of PHP. It’s like two […] Continue reading »
Not the most interesting title, but “oh well”.. Recently, a reader named Alison left a comment requesting help with a particular htaccess trick. She wanted to know how to permanently redirect (301) all requests for a specific page when requested from a specific IP address. In other words, when a visitor coming from 123.456.789 requests the page requested-page.html, the visitor will be redirected to just-for-you.html. All visitors not coming from that specific IP address are not redirected, and thus will […] Continue reading »
![[ Image: Skeletor Blocks a Move ]](https://perishablepress.com/wp/wp-content/images/2007/misc-chunks/block-senders.jpg "'Sorry, but access is NOT allowed - ha ha ha ha ha!'")
Figuratively speaking, hunting down and killing spammers, scrapers, and other online scum remains one of our favorite pursuits. Once we have determined that a particular IP address is worthy of banishment, we generally invoke the magical powers of htaccess to lock the gates. When htaccess is not available, we may summon the versatile functionality of PHP to get the job done. This method is straightforward. Simply edit, copy and paste the following code example into the top of any PHP […] Continue reading »
![[ Image: Solar Eclipse ]](https://perishablepress.com/wp/wp-content/images/2007/misc-chunks/blacklist-eclipse.jpg)
For those of us running Apache, htaccess rewrite rules provide an excellent way to block spammers, scrapers, and other scumbags easily and effectively. While there are many htaccess tricks involving blocking domains, preventing access, and redirecting traffic, Apache’s mod_rewrite module enables us to target bad agents by testing the user-agent string against a predefined blacklist of unwanted visitors. Any matches are immediately and quietly denied access. Continue reading »
In this article, we extrapolate our favorite CSS-compression technique for JavaScript. Below, we outline the steps required to auto-compress your JavaScript documents via gzip and PHP. Two different compression methods are presented. The first method does not require htaccess, but rather involves the manual editing of JavaScript files. The second method employs htaccess to do all the work for you, thus requiring much less effort to implement. In either case, the result is the same: automatically compressed content delivered only […] Continue reading »
PHP compression is an excellent method of conserving bandwidth and reducing client download times. We have already discussed an excellent method for CSS compression, and in this article we share a super-easy technique for compressing all PHP content without editing a single file. Continue reading »
Web developers trying to control comment-spam, bandwidth-theft, and content-scraping must choose between two fundamentally different approaches: selectively deny target offenders (the “blacklist” method) or selectively allow desirable agents (the “opt-in”, or “whitelist” method). Currently popular according to various online forums and discussion boards is the blacklist method. The blacklist method requires the webmaster to create and maintain a working list of undesirable agents, usually blocking their access via htaccess or php. The downside of blacklisting is that it requires considerable […] Continue reading »
Roll your own Apache Rewrite log! Rocking your own rewrite log is super-helpful for testing .htaccess rewrite rules, WordPress Permalinks, and much more. All you need is Apache 2.2 (or previous), mod_rewrite enabled (very common on most servers), and access to your server configuration file, http.conf. Continue reading »
This post exists entirely for the sake of tweaking time functionality in Apache, PHP, SQL, and WordPress.. Continue reading »
